
24 matches found

IBM Security Bulletins
added 2026/03/11 8:59 p.m. | 13 views

Security Bulletin: Due to the use of jetty IBM webMethods BPM is vulnerable to multiple vulnerabilities

Summary IBM webMethods BPM is dependent on jetty which is affected by known vulnerabilities CVE-2020-27223, CVE-2021-28169, CVE-2022-2047, CVE-2023-26049, CVE-2023-36478, CVE-2023-40167 Vulnerability Details CVEID:CVE-2020-27223 DESCRIPTION: In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114...

CVSS 7.5 | AI score 6 | EPSS 0.7848 | Exploits 4 | Affected Software 1

Broadcom
added 2024/05/01 12:0 a.m. | 13 views

Statement on Jetty vulnerabilities in Brocade SANnav

A Security Researcher performing penetration testing raises CVEs in the Jetty version used by Brocade SANnav v2.1.1. Brocade Statement All supported versions of Brocade SANnav do not directly use Jetty. The code is present within some versions of the SANnav product as it is contained within other...

CVSS 9.4 | AI score 5.8 | EPSS 0.99298 | Exploits 19

IBM Security Bulletins
added 2023/11/27 8:54 a.m. | 32 views

Security Bulletin: IBM Integration Bus is vulnerable to multiple vulnerabilities in Eclipse Jetty. (CVE-2023-40167, CVE-2023-26049, CVE-2022-2047, IBM X-Force ID: 261776)

Summary IBM Integration Bus is vulnerable to multiple vulnerabilities in Eclipse Jetty. CVE-2023-40167, CVE-2023-26049, CVE-2022-2047, IBM X-Force ID: 261776 Vulnerability Details CVEID: CVE-2023-40167 DESCRIPTION: Jetty is vulnerable to HTTP request smuggling, caused by improper parsing of the...

CVSS 5.3 | AI score 7.2 | EPSS 0.013 | Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2023/03/02 2:9 p.m. | 38 views

Security Bulletin: There is a vulnerability in Eclipse Jetty used by IBM Maximo Asset Management (CVE-2022-2047)

Summary There is a vulnerability in Eclipse Jetty used by IBM Maximo Asset Management. Vulnerability Details CVEID:CVE-2022-2047 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the HttpURI class. By sending a...

CVSS 4 | AI score 5.3 | EPSS 0.00931 | Exploits 0 | Affected Software 11

IBM Security Bulletins
added 2023/02/01 9:59 p.m. | 45 views

Security Bulletin: Vulnerability in Eclipse Jetty affects IBM Process Mining. CVE-2022-2047

Summary There is a vulnerability in Eclipse Jetty that could allow an attacker to bypass security restrictions. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-2047 DESCRIPTION: Eclipse...

CVSS 4 | AI score 5.5 | EPSS 0.00931 | Exploits 0 | Affected Software 1

RedHat Linux
added 2023/01/17 11:47 a.m. | 79 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.3.0 release and security update

Red Hat AMQ Streams 2.3.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 7.5 | AI score 6.7 | EPSS 0.02824 | Exploits 4 | References 9

OSV
added 2023/01/13 11:4 a.m. | 4 views

OESA-2023-1030 jetty security update

Jetty is a 100% Java HTTP Server and Servlet Container. This means that you do not need to configure and run a separate web server like Apache in order to use Java, servlets and JSPs to generate dynamic content. Jetty is a fully featured web server for static and dynamic content. Unlike separate...

CVSS 7.5 | AI score 8.9 | EPSS 0.01818 | Exploits 0 | References 3

IBM Security Bulletins
added 2023/01/04 3:58 p.m. | 67 views

Security Bulletin: Multiple Vulnerabilities discovered in libraries used by Apache Zookeeper that is included in ITNM (CVE-2020-36518, CVE-2022-2047, CVE-2022-2048, CVE-2022-24823)

Summary Multiple vulnerabilities CVE-2020-36518; CVE-2022-2047; CVE-2022-2048; CVE-2022-24823 found in apache zookeeper used by IBM Tivoli Network Manager ITNM IP Edition. The fix contains the updated versions of corresponding libraries. Vulnerability Details CVEID:CVE-2020-36518 DESCRIPTION:...

CVSS 7.5 | AI score 7.2 | EPSS 0.0486 | Exploits 2 | Affected Software 1

IBM Security Bulletins
added 2022/12/30 2:56 p.m. | 48 views

Security Bulletin: Tivoli Netcool/Omnibus installation contains vulnerable Eclipse Jetty code libraries (Multiple CVEs)

Summary The 'Netcool MIb Manager GUI' uses a version of the Eclipse Jetty library that contains known vulnerabilities. These vulnerabilities have been addressed by an upgrade to Jetty 9.4.48. Vulnerability Details CVEID:CVE-2022-2048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service,...

CVSS 7.5 | AI score 6.7 | EPSS 0.01818 | Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2022/12/30 10:25 a.m. | 96 views

Security Bulletin: Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for December 2022

Summary In addition to many updates of operating system level packages, the following security vulnerability is addressed with IBM Cloud Pak for Business Automation 21.0.3-IF016 and 22.0.1-IF006. Vulnerability Details CVEID:CVE-2017-10355 DESCRIPTION: An unspecified vulnerability in Oracle Java S...

CVSS 9.8 | AI score 8.4 | EPSS 0.16181 | Exploits 2 | Affected Software 2

IBM Security Bulletins
added 2022/11/22 1:47 p.m. | 32 views

Security Bulletin: Rational Performance Tester contains vulnerabilities which could affect Eclipse Jetty. Rational Performance Tester has taken steps to mitigate these vulnerabilities.

Summary Eclipse Jetty contains a vulnerability around improper hostname input handling that could lead to failure in a proxy scenario, and a vulnerability that could lead to a potential denial of service attack. Vulnerability Details CVEID:CVE-2022-2191 DESCRIPTION: Eclipse Jetty is vulnerable to...

CVSS 7.5 | AI score 6.4 | EPSS 0.01818 | Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2022/11/17 4:37 p.m. | 32 views

Security Bulletin: Potential vulnerability in Eclipse Jetty affects IBM Operations Analytics - Log Analysis (CVE-2022-2047)

Summary The vulnerability in Eclipse Jetty allows bypass of security restrictions. This has been addressed. Vulnerability Details CVEID:CVE-2022-2047 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the HttpURI class. By...

CVSS 2.7 | AI score 5.4 | EPSS 0.00931 | Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2022/09/29 2:1 p.m. | 125 views

Security Bulletin: Multiple vulnerabilities in Zookeeper affecting IBM QRadar User Behavior Analytics (CVE-2022-2191, CVE-2022-2047, CVE-2022-2048, CVE-2022-24823, CVE-2020-36518)

Summary Multiple vulnerabilities exist in Zookeeper that are used by IBM QRadar User Behavior Analytics UBA. These vulnerabilities are addressed in UBA by upgrading to a version of Zookeeper and packages that are associated with Zookeeper that resolve the vulnerabilities. Vulnerability Details...

CVSS 7.5 | AI score 7.4 | EPSS 0.0486 | Exploits 3 | Affected Software 1

Debian
added 2022/08/21 10:58 p.m. | 44 views

[SECURITY] [DLA 3079-1] jetty9 security update

Debian LTS Advisory DLA-3079-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 22, 2022 https://wiki.debian.org/LTS Package : jetty9 Version : 9.4.16-0+deb10u2 CVE ID : CVE-2022-2047 CVE-2022-2048 Two security vulnerabilities were discovered in Jetty, a Jav...

CVSS 7.5 | AI score 6.7 | EPSS 0.01818 | Exploits 0

IBM Security Bulletins
added 2022/08/17 5:45 a.m. | 48 views

Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Functional Tester

Summary There are multiple vulnerabilities in Eclipse Jetty used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-2047 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security...

CVSS 7.5 | AI score 6.5 | EPSS 0.01818 | Exploits 0 | Affected Software 1

OpenVAS
added 2022/08/03 12:0 a.m. | 29 views

Debian: Security Advisory (DSA-5198-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.1 | EPSS 0.01818 | Exploits 0 | References 4

Tenable Nessus
added 2022/08/03 12:0 a.m. | 40 views

Debian DSA-5198-1 : jetty9 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5198 advisory. Two security vulnerabilities were discovered in Jetty, a Java servlet engine and webserver. CVE-2022-2047 In Eclipse Jetty the parsing of the authority segment of...

CVSS 7.5 | AI score 7.1 | EPSS 0.01818 | Exploits 0 | References 7

Debian
added 2022/08/02 11:1 a.m. | 39 views

[SECURITY] [DSA 5198-1] jetty9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5198-1 [email protected] https://www.debian.org/security/ Markus Koschany August 02, 2022 https://www.debian.org/security/faq -...

CVSS 7.5 | AI score 7.3 | EPSS 0.01818 | Exploits 0

IBM Security Bulletins
added 2022/07/29 5:38 p.m. | 70 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues due to Eclipse Jetty

Summary Eclipse Jetty has reported multiple vulnerabilities. IBM Sterling Secure Proxy has addressed the applicable vulnerabilities. Vulnerability Details CVEID:CVE-2022-2047 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw i...

CVSS 7.5 | AI score 6.9 | EPSS 0.99298 | Exploits 6 | Affected Software 1

OpenVAS
added 2022/07/08 12:0 a.m. | 41 views

Eclipse Jetty Multiple Vulnerabilities (Jul 2022) - Linux

Eclipse Jetty is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty"; ifdescription...

CVSS 7.5 | AI score 6.2 | EPSS 0.01818 | Exploits 0 | References 2